It seems to me that is not been reported here yet. There is a new vulnerability to OpenSSH (user enumeration) that also affects Dropbear. CVE-2018-15473
If you have Docker, you can easily build the POC and test it by yourself with these 2 commands:
$ docker build github.com/Rhynorater/CVE-2018-15473-Exploit -t cve-2018-15473
$ docker run --network host --rm cve-2018-15473 --port 22 --username root openwrt.lan
Nevermind i think i found it. Different CVE number
For the vast majority of OpenWrt users, this isn't a security risk, as OpenWrt is a single user OS, meaning root is the only account majority of users utilize for SSH.
- While additional users can be configured for SSH, there's only a handful of usage cases since OpenWrt is a single user OS.